CVSS: 10.0EPSS: 89%CPEs: 28EXPL: 4CVE-2002-1337 – Sendmail 8.11.x (Linux/i386) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2002-1337
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. Desbordamiento de búfer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecución arbitraria de código mediante ciertos campos de dirección formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la función crackaddr del fichero headers.c. • https://www.exploit-db.com/exploits/411 https://www.exploit-db.com/exploits/22313 https://www.exploit-db.com/exploits/22314 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 http://frontal2. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 91EXPL: 0CVE-2003-0064
https://notcve.org/view.php?id=CVE-2003-0064
The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. El emulador de terminal dtterm permite a atacantes modificar el título de la ventana mediante una cierta secuencia de carácter de escape, y a continuación insertarlo de nuevo en la linea de comandos del terminal del usuario, por ejemplo cuando el usuario ve un fichero conteniendo la secuencia maliciosa, lo que podría permitir al atacante ejecutar comandos arbitrarios. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html http://marc.info/?l=bugtraq&m=104612710031920&w=2 http://www.iss.net/security_center/static/11414.php http://www.securityfocus.com/advisories/6236 http://www.securityfocus.com/bid/6942 •
CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 5CVE-2001-1583 – Solaris 10 LPD - Arbitrary File Delete
https://notcve.org/view.php?id=CVE-2001-1583
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. • https://www.exploit-db.com/exploits/1167 https://www.exploit-db.com/exploits/9921 https://www.exploit-db.com/exploits/16322 https://www.exploit-db.com/exploits/21097 http://marc.info/?l=bugtraq&m=99929694701826&w=2 http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-08/0490.html http://www.osvdb.org/15131 http://www.securityfocus.com/bid/3274 https://exchange.xforce.ibmcloud.co • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 97%CPEs: 43EXPL: 9CVE-2001-0797 – System V Derived /bin/login - Extraneous Arguments Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0797
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 https://www.exploit-db.com/exploits/346 https://www.exploit-db.com/exploits/716 https://www.exploit-db.com/exploits/57 https://www.exploit-db.com/exploits/9917 https://www.exploit-db.com/exploits/16327 https://www.exploit-db.com/exploits/10036 https://www.exploit-db.com/exploits/21179 ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/ •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2CVE-2001-0652 – Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow
https://notcve.org/view.php?id=CVE-2001-0652
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. • https://www.exploit-db.com/exploits/21058 https://www.exploit-db.com/exploits/21059 http://marc.info/?l=bugtraq&m=99745571104126&w=2 http://www.securityfocus.com/bid/3160 https://exchange.xforce.ibmcloud.com/vulnerabilities/6967 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A131 •